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DETAILED ACTION 

1. Claims 1-10, 31-40, 50-51 and 82-87 are pending in tliis application. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
states. 

3. Claims 31 -32, 35-40, 50-51 , 82-83 and 86-87 are rejected under 35 
U.S.C. 102(b) as being anticipated by Antur et al. (Patent No.: US 6,243,815 B1) 
(hereinafter, "Antur"). 

4. As to claim 31 , Antur discloses a method for distributing security policy 
implementation information to multiple security devices for use in implementing a 
security policy (abstract), the method comprising: 

for each of the security devices, determining a supervisor device currently 
associated with the security device (FIG. 7, col. 2, lines 53-67 to col. 3, lines 1-5, col. 9, 
lines 10-36); 

disthbuting the security policy implementation information to each of the 
determined supervisor devices (col. 9, lines 15-26); and 
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indicating to each of the determined supervisor devices to distribute the security 
policy implementation information to the security devices with which the supervisor 
device is associated (col. 9, lines 45-58). 

5. As to claim 82, it is rejected using the same rationale as for the rejection of claim 
31. 

6. As to claims 32 and 83, Antur discloses wherein the security policy 
implementation information is software to be executed by the security devices to control 
the implementing of the security policy (col. 2, lines 53-67 to col. 3, lines 1-5, col. 9, 
lines 10-36). 

7. As to claims 35 and 86, Antur discloses wherein the security policy 
implementation information is an instruction to be executed by the multiple security 
devices related to the implementing of the security policy (col. 2, lines 53-67 to col. 3, 
lines 1-5, col. 9, lines 10-36). 

8. As to claim 36, Antur discloses wherein the security policy implementation 
information is information common to the multiple security devices, and wherein for 
each of the multiple security devices the common information is for configuring a 
security policy template for the security device with information specific to the security 
device (col. 9, lines 10-36). 
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9. As to claim 37, Antur discloses wherein before the security policy implementation 
information is distributed to each of the multiple security devices, at least some of the 
multiple security devices have existing security policy implementation information of a 
similar type, and wherein for those security devices the security policy implementation 
information to be distributed will replace the existing security policy implementation 
information (col. 5, lines 34-53, col. 9, lines 45-60). 

1 0. As to claim 38, Antur discloses wherein before the security policy implementation 
information is distributed to each of the multiple security devices, at least some of the 
multiple security devices have existing security policy implementation information of a 
similar type, and wherein for those security devices the security policy implementation 
information to be distributed will supplement the existing security policy implementation 
information (col. 5, lines 34-53, col. 9, lines 45-60). 

11. As to claim 39, Antur discloses wherein the distributing of the security policy 
implementation information to each of the determined supervisor devices is performed 
in a manner such that the security policy implementation information is not accessible to 
other devices (col. 5, lines 34-53, col. 9, lines 45-60). 

1 2. As to claims 40 and 87, Antur discloses including displaying to a user a view of 
the multiple security devices and the supervisor devices currently associated with the 
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security devices, and wherein the distributing of the security policy implennentation 
information is in response to a visual selection by the user (col. 9, lines 15-17). 

1 3. As to claim 50, Antur discloses a method for distributing control information to 
multiple security devices for use in controlling the operation of the multiple security 
devices (abstract), the method comprising: 

for each of the security devices, determining a supervisor device currently 
associated with the security device (FIG. 7, col. 2, lines 53-67 to col. 3, lines 1-5, col. 9, 
lines 10-36); 

distributing the control information to each of the determined supervisor devices 
(col. 9, lines 15-26); and 

indicating to each of the determined supervisor devices to distribute the control 
information to the security devices with which the supervisor device is associated (col. 
9, lines 45-58). 

14. As to claim 51 , Antur discloses wherein after the control information is distributed 
to the security devices, the security devices operate in accordance with the control 
information (col. 9, lines 45-58). 

Claim Rejections - 35 USC § 103 

1 5. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or deschbed as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

16. Claims 1-10 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Antur and further in view of Boyle et al. (Patent No.: 5,577,209) (hereinafter "Boyle"). 

1 7. As to claim 1 , Antur discloses a method for a security manager device to manage 
a plurality of network security devices with a plurality of supervisor devices, each 
network security device generating network security information related to an 
associated group of network devices, storing the generated network security information 
on a primary supervisor device for the network security device when the primary 
supervisor device is available to store the generated network security information, and 
storing the generated network security information on an alternate supervisor device 
when the primary supervisor device is unavailable, the method comprising: 

distributing security control information to multiple network security devices, the 
security control information to be used to generate network security information (Antur, 
col. 2, lines 53-67 to col. 3, lines 1-5, col. 9, lines 10-36), by 

determining a supervisor device that is the primary supervisor device for each of 
the multiple network security devices (Antur, FIG. 7, col. 9, lines 10-36); 

sending a single copy of the security control information to the determined 
supervisor device (Antur, col. 9, lines 15-26); and 
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indicating to the determined supervisor device to send a copy of the security 
control information to each of the multiple network security devices (Antur, col. 9, lines 
45-58); and 

aggregating the network security information generated by an indicated one of 
the multiple network security devices using the security control information (Antur, col. 
9, lines 45-58). 

Antur doesn't explicitly disclose but Boyle discloses: 

determining at least one alternate supervisor device that stores at least a portion 
of the network security information generated by the indicated network security device 
(Boyle, col. 9, lines 5-15, "alternate ASM"); 

notifying the primary supervisor device for the indicated network security device 
of a desire for the generated network security information, the notifying including an 
indication of the determined alternate supervisor devices (Boyle, col. 9, lines 5-15, 
"negotiates SNIU pairings with all other ASMs"); and 

in response, receiving the generated network security information, so that the 
security manager device can efficiently distribute security control information to multiple 
network security devices, and can retrieve all of the generated network security 
information for a network security device because alternate supervisor devices will store 
the information when the primary supervisor device for the network security device is 
unavailable (Boyle, col. 9, lines 15-23, "The SM also collets and stores the audit 
information generated by the SNIUs in response to the SM's criteria"). 
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Therefore, it would have been obvious to one of ordinary skill in the art at the 
time of the invention was made to modify the teaching of Antur as taught by Boyle in 
order to maintain automatic security monitoring in the even of a single security device 
failures. 

18. As to claim 2, Antur discloses including generating network security information 
by, for each network security device: 

monitoring network information passing between any network device in the 
associated group for the network security device and any network device not in the 
associated group (Antur, col. 2, lines 53-67 to col. 3, lines 1-5, col. 9, lines 10-36); and 

when the monitored network information is of an indicated type (Antur, col. 9, 
lines 10-36), 

determining whether the primary supervisor device for the network 
security device is available to receive information (Antur, col. 9, lines 10-36); 

when the primary supervisor device is available, sending network security 
information about the monitored network information to the primary supervisor device 
for storage (Antur, col. 9, lines 10-36). 

Antur doesn't explicitly disclose but Boyle discloses: 

when the primary supervisor device is not available, sending network 
security information about the monitored network information to an alternate supervisor 
device for storage (Boyle, col. 9, lines 5-15). 
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Therefore, it would have been obvious to one of ordinary skill in the art at the 
time of the invention was made to modify the teaching of Antur as taught by Boyle in 
order to maintain automatic security monitoring in the even of a single security device 
failures. 

1 9. As to claim 3, Antur discloses wherein for each network security device, a 
security policy for the network security device specifies the indicated types of monitored 
network information for which to generate network security information and specifies 
data related to the monitored network information to be included in the generated 
network security (col. 2, lines 53-67 to col. 3, lines 1-5, col. 9, lines 10-36). 

20. As to claim 4, Antur discloses wherein the distributed security control information 
is software to be executed by the multiple network security devices to control the 
generation of the network security information (col. 9, lines 10-36). 

21 . As to claim 5, Antur discloses wherein the distributed security control information 
is a security policy that defines the network security information to be generated, and 

including: 

after a copy of the security policy template has been sent to each of the multiple 
network security devices, configuring each copy of the security policy template with 
information specific to the network security device to which the security policy template 
was sent (col. 2, lines 53-67 to col. 3, lines 1-5,). 
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22. As to claim 6, Antur discloses wherein after the notifying of the primary 
supervisor device, the primary supervisor device sends the generated network security 
information to the manager device by: 

retrieving from each of the determined alternate supervisor devices the network 
security information generated by the indicated network security device (col. 2, lines 53- 
67 to col. 3, lines 1-5); 

retrieving any network security information generated by the indicated network 
security device that Is stored by the primary supervisor device (col. 9, lines 10-36); and 

sending the retrieved network security information to the manager device (col. 9, 
lines 10-36). 

23. As to claim 7, Antur discloses Including after the receiving of the generated 
network security information, aggregating the portions of the generated network security 
information stored by the determined alternate supervisor devices and any portion of the 
generated network security information stored by the primary supervisor device (col. 2, 
lines 53-67 to col. 3, lines 1-5). 

24. As to claim 8, Antur discloses wherein information is sent between the manager 
device and the supervisor devices and between the supervisor devices and the network 
security devices in a secure form so that others do not have access to contents of the 
information (col. 2, lines 53-67 to col. 3, lines 1-5). 
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25. As to claim 9, Antur discloses including displaying to a user the plurality of 
network security devices and the plurality of supervisor devices in such a manner that 
the primary supervisor device for each of the network security devices is visually 
indicated, and wherein the distributing of the security control information to the multiple 
network security devices is in response to selection by the user of the displayed multiple 
network security devices (col. 9, lines 10-36). 

26. As to claim 10, Antur discloses including displaying to a user the plurality of 
network security devices and the plurality of supervisor devices in such a manner that 
the primary supervisor device for each of the network security devices is visually 
indicated, and wherein the aggregating of the network security information generated by 
an indicated one of the multiple network security devices is in response to a visual 
indication by the user of the one multiple network security device (FIG. 7, col. 2, lines 
53-67 to col. 3, lines 1-5, col. 9, lines 10-36). 

27. Claims 33-34 and 84-85 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Antur and further in view of Luckenbaugh (Patent No.: 5,991 ,877). 

28. As to claims 33 and 84, Antur doesn't explicitly disclose wherein the security 
policy implementation information is security policy template that indicates the security 
information to be generated. However, Luckenbaugh discloses wherein the security 
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policy implementation information is a security policy template that indicates the security 
information to be generated (abstract, which describes "providing templates for such 
objects within at least one policy manager class of objects"). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time of the invention was made to modify the teaching of Antur as taught by 
Luckenbaugh in order to minimize security risks by distributing standardized security 
policy to all devices. 

29. As to claims 34 and 85, Antur discloses including: after the security policy 
implementation information has been distributed to each of the security devices, 
configuring the security policy implementation information distinctly on each security 
device (col. 2, lines 53-67 to col. 3, lines 1-5, col. 9, lines 10-36). 

30. Examiner's note: Examiner has cited particular columns and line numbers in the 
references as applied to the claims above for the convenience of the applicant. 
Although the specified citations are representative of the teachings in the art and are 
applied to the specific limitations within the individual claim, other passages and figures 
may be applied as well. It is respectfully requested from the applicant, in preparing the 
responses, to fully consider the references in entirety as potentially teaching all or part 
of the claimed invention as well as the context of the passage as taught by the prior art 
or disclosed by the examiner. 



Application/Control Number: 1 0/71 2,31 3 Page 1 3 

Art Unit: 2135 

Response to Arguments 

31 . Applicant's arguments witli respect to claims 1 -1 0, 31 -40, 50-51 and 82-87 have 
been considered but are moot in view of the new ground(s) of rejection. 

Conclusion 

32. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to SUMAN DEBNATH whose telephone number is 
(571)270-1256. The examiner can normally be reached on 8 am to 5 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Y. Vu can be reached on 571 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



IS. D.I 
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